package com.xd.shiro;
import org.apache.shiro.mgt.SecurityManager;
import org.apache.shiro.session.mgt.SessionManager;
import org.apache.shiro.spring.LifecycleBeanPostProcessor;
import org.apache.shiro.spring.security.interceptor.AuthorizationAttributeSourceAdvisor;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.apache.shiro.web.session.mgt.DefaultWebSessionManager;
import org.springframework.aop.framework.autoproxy.DefaultAdvisorAutoProxyCreator;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;

import java.util.LinkedHashMap;

/**
 * Shiro的配置文件
 *
 * @author Mark sunlightcs@gmail.com
 * @since 3.0.0 2017-09-27
 */
@Configuration
public class ShiroConfig {
    /**
     * 单机环境，session交给shiro管理
     */
    @Bean
    @ConditionalOnProperty(prefix = "dz", name = "cluster", havingValue = "false")
    public DefaultWebSessionManager sessionManager(@Value("${dz.globalSessionTimeout:3600}") long globalSessionTimeout){

        /**
         * 默认的web应用Session管理器，主要是涉及到Session和Cookie
         */

        DefaultWebSessionManager sessionManager = new DefaultWebSessionManager();

        /**
         * 需要让此session可以使用该定时调度器进行检测
         */
        sessionManager.setSessionValidationSchedulerEnabled(true);

        /**
         * 使用shiro过程中，有时url会遇到JSESSIONID这个小尾巴
         */
        sessionManager.setSessionIdUrlRewritingEnabled(false);
        /**
         * 相隔多久检查一次session的有效性
         */
        sessionManager.setSessionValidationInterval(globalSessionTimeout * 1000);
        /**
         * 设置超时时间
         */
        sessionManager.setGlobalSessionTimeout(globalSessionTimeout * 1000);

        return sessionManager;
    }


    @Bean
    public SecurityManager securityManager(UserReaml userReaml, SessionManager sessionManager) {
        /**
         * DefaultWebSecurityManager类主要定义了session的创建，启动，暂停与cookie的关联的定义
         */
        DefaultWebSecurityManager securityManager = new DefaultWebSecurityManager();

        securityManager.setRealm(userReaml);

        securityManager.setSessionManager(sessionManager);

        securityManager.setRememberMeManager(null);

        return securityManager;
    }


    @Bean
    public ShiroFilterFactoryBean shiroFilter(SecurityManager securityManager) {
        ShiroFilterFactoryBean shiroFilter = new ShiroFilterFactoryBean();
        // Shiro的核心安全接口,这个属性是必须的
        shiroFilter.setSecurityManager(securityManager);
        // 身份认证失败，则跳转到登录页面的配置
        shiroFilter.setLoginUrl("/index");
        // 权限认证失败，则跳转到指定页面
        shiroFilter.setUnauthorizedUrl("/302");
        // Shiro连接约束配置，即过滤链的定义
        LinkedHashMap<String, String> filterChainDefinitionMap = new LinkedHashMap<>();
        filterChainDefinitionMap.put("/","anon");
      /*  filterChainDefinitionMap.put("/login","anon");
        filterChainDefinitionMap.put("/MenuController/**","anon");
        filterChainDefinitionMap.put("/homeController/login","anon");
        filterChainDefinitionMap.put("/captcha.jpg","anon");
        filterChainDefinitionMap.put("/UserController/captcha.jpg","anon");
        filterChainDefinitionMap.put("/favicon.ico","anon");
        filterChainDefinitionMap.put("/static/**","anon");
        filterChainDefinitionMap.put("/JQ/**","anon");
        filterChainDefinitionMap.put("/admin/**","anon");
        filterChainDefinitionMap.put("/**","authc");*/
        shiroFilter.setFilterChainDefinitionMap(filterChainDefinitionMap);
        return shiroFilter;
    }
    @Bean
    public LifecycleBeanPostProcessor lifecycleBeanPostProcessor() {
        return new LifecycleBeanPostProcessor();
    }

    @Bean
    public DefaultAdvisorAutoProxyCreator defaultAdvisorAutoProxyCreator() {
        DefaultAdvisorAutoProxyCreator proxyCreator = new DefaultAdvisorAutoProxyCreator();
        proxyCreator.setProxyTargetClass(true);
        return proxyCreator;
    }

    @Bean
    public AuthorizationAttributeSourceAdvisor authorizationAttributeSourceAdvisor(SecurityManager securityManager) {
        AuthorizationAttributeSourceAdvisor advisor = new AuthorizationAttributeSourceAdvisor();
        advisor.setSecurityManager(securityManager);
        return advisor;
    }
}
